secullum-react-ui - npm Package Compare versions

Comparing version 0.0.5 to 1.0.0

package.json

 {
   "name": "secullum-react-ui",
-  "version": "0.0.5",
+  "version": "1.0.0",
   "description": "Set of React components for building user interfaces",
@@ -5,0 +5,0 @@ "main": "dist/bundle.js",

README.md

 # secullum-react-ui
 
 Set of React components for building user interfaces
+
+## Publishing a new version
+
+1. Update the version
+
+```
+npm version [major | minor | patch]
+```
+
+2. Build the code to be published
+
+```
+yarn run build
+```
+
+3. Publish it
+
+```
+npm publish
+```
+
+4. Push incremented version and tags to git
+
+```
+git push --follow-tags
+```

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 5 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2080585

increased by84.8%

Number of package files

17

increased by54.55%

Number of low quality alerts

2

decreased by-33.33%

Number of lines in readme file

30

increased by650%

Worsened metrics

Number of medium supply chain risk alerts

9

increased by80%

No dependency changes